Upload
others
View
7
Download
0
Embed Size (px)
Citation preview
Stanford Forensics Lab: a case study
Glynn Edwards, RBMS, Baton Rouge, LA - 2011
Digital Forensics at Stanford University Libraries
Michael OlsonDigital Collections Project [email protected]
Topics
• The Collections
• Forensics Lab
• AIMS (An Inter‐Institutional Model for Stewardship)
• Hypatia software development
• Other efforts of note (training, data mining)
Collection Acquisitions in the 1990s
• Apple Computer Inc. records
• Douglas Engelbart papers
• Stephen Cabrinety collection
• By 2000, over 9,000 items of legacy computer media received as part of hybrid collections
And More Collections
• Stephen Jay Gould (documents)
• Keith Henson papers re: to Project Xanadu (applications)
• Robert Creeley (email)
• Peter Koch (design files)
Stephen Jay Gould
Peter Rutledge Koch papers
More collections, new challenges
Robert Creeley born-digital May 2011 addenda :•7 computers•3 zip drives•121 optical discs•422 3.5-inch floppy diskettes•1 Zip 250 USB Drive•1 Olympus Camedia CF/SmartMedia Reader•1 Olympus C-4000 Camedia Digital Camera & flash cards•1 20-gigabyte iPod
Robert Creeley
FRED (Forensic Recovery Evidence Device: Digital Intelligence) Software: FTK suite (AccessData) ‐ EnCase
Dear Peter,
Unfortunately we do not manufacture any motherboards now a days which can support the 5.25 floppy. The interface are different than 3.5 and they are becoming obsolete and are no longer available on the newer motherboards.
Capture Failure Statistics
• Stephen Jay Gould – 5 %
• Robert Creeley – 6 %
• Xanadu hard disk drives – 67%
AIMS Born‐Digital Collections: An Inter‐Institutional Model for Stewardship
Funded by the Andrew W. Mellon Foundation
University of VirginiaYale University
Hull University
Stanford University
Hypatia
• Developed on Hydra technology stack:• Fedora
• Solr
• Blacklight
• Hypatia is a Hydra application for arranging, describing, and delivering born digital archival content
• Application under development – demo app by Oct. 2011
Hypatia
• Wiki ‐https://wiki.duraspace.org/display/HYPAT/Home
• JIRA ‐https://jira.duraspace.org/browse/HYPAT
Additional Work of Note
• Training of Stanford library staff in forensic / logical capture as well as use of FTK
• Visualization of born digital collections• Robert Creeley Email Network Graph showing connection between Robert Creeley and poet Gerard Malanga – Elijah Meeks
• Data mining of sentiment in email archives ‐MUSE prototype software by Sudheendra Hangal, Computer Science PhD
Peter Rutledge Koch papers
AccessData FTK
• Create New Case
• Technical Metadata Extracted by FTK
• View Files in “obsolete” File Formats
• View Image Files as Thumbnails
• Search for Restricted Files using Index / Pattern Search
• Flag Restricted Files as Privileged
• Change Column Settings to Include or Exclude Information
• Apply Filter to Items to be Displayed
• Arrange Files in Series / Subseries by Assigning Bookmarks
• See Files by Bookmarks
• Create and Assign Labels to Files
• View Files by Labels
Creeley’s Email Network
Email Mining on Peter Koch’s Emails
Email Mining on Peter Koch’s Emails
http://suif.stanford.edu/~hangal/muse/